About DDoS mitigation

Distributed denial of service (DDoS) attacks are increasing in scale and frequency. As an organisation in research and education, you need a cost-effective way to mitigate these attacks – reducing business risks, in a way that suits your needs and budget.

To help you reduce these risks, we provide a selection of DDoS mitigation services to Jisc members, from our inclusive foundation service to our optional enhanced services.

At Jisc, we have a wealth of expertise in cyber security – so whichever option you choose, you can trust us. We are ideally placed to apply DDoS mitigation across the Janet Network.

Foundation service

As part of your Jisc subscription, you receive our foundation DDoS mitigation service. This gives you peace of mind that Jisc will manually mitigate any attack against your network connection.

With this service, we detect and filter DDoS attack traffic across the Janet Network before it reaches you – mitigating the effects of attacks on your Janet connection, and reducing disruption and cost.

The service is available 09:00–midnight on weekdays and 09:00–17:00 at weekends.

Enhanced services

If you need a faster or more customised DDoS mitigation, or 24/7 response, you can choose to subscribe to our enhanced services – helping you further reduce the risk that a DDoS attack will cause damage to business-critical systems.

This service offers you:

Faster DDoS mitigation

Enhanced DDoS mitigation responds more quickly to a DDoS attack, reducing the window of opportunity for damage to occur.

Within the service, you select one of two reaction levels: fast or instant. The fast service triggers mitigation within four minutes; while with the instant service, traffic is routed permanently via the mitigation service, so there is no delay in defence.

Customisation options to suit your needs

When you choose enhanced DDoS mitigation, you can select pre-configured or bespoke mitigation, as appropriate.

With a pre-configured service, you choose from a selection of profiles designed to protect a selection of common services, such as web servers or DNS – using alert triggers and mitigation responses designed by Jisc security analysts to be suitable for most needs.

With a bespoke service, you can further tailor your protection, adjusting parameters with the help of a security analyst. For example:

You can add protection for external-facing services not normally included in pre-configured profiles – such as an internet-facing file transfer service, or maybe a service unique to your institution

You can customise protection to include or exclude specific domains or URLs

Together, pre-configured and bespoke options allow more accurate detection of attacks and more effective mitigation.

How it works

The foundation service is included in your Jisc subscription.

With the enhanced services, you can choose from four levels of mitigation, which increase in price as levels of customisation or reaction speed increase.

Creative Commons attribution information

The figures in the diagram reflect the cost of the service. For example, “instant pre-configured” (level 3) is a higher-cost service than “fast bespoke” (level 2).

The figures in the diagram reflect the cost of the service. For example, “instant pre-configured” (level 3) is a higher-cost service than “fast bespoke” (level 2).

Cyber security portal

Having a clear overview of network traffic is a useful part of any DDoS mitigation strategy.

If you’re connected to the Janet Network, you can view traffic on your connection by accessing our cyber security portal. The portal also gives details of alerts or DDoS mitigations, whether in the past or currently in progress.

Over time, the portal will also integrate other Jisc security services – letting you access more information about network security, and control services to which you subscribe.